climate change. the notion that we are the only country not in the paris climate weords is a travesty and have not stayed on course with other countries. nation inthe richest the world and we have citizens going bankrupt trying to cover basic health care costs and that is an outrage and we should be ashamed. >> next, a look at consumers, corporations, and governments approaching surveillance and national security. we will hear from lawyers and officials and washington, d.c..

edgar: good evening, everyone. can you hear me? good. my name is edgar dolby, the executive director here at arena stage, and i would like to think i have the best job in the world. one of the reasons is that we get to introduce new programs and new ideas that we have with arenas forum, civil dialogue. we asked a question whether that is actually possible in this day and age, and it all started with the across the table lunch with

amitai etzioni, our -- if this were our play, he would be our playwright, and he would also be our director. he is really welcome here at arena stage. we like to think we are in the empathy business. i ask at every board meeting -- what is your business? i think building empathy during we have a number of core values from here, and at the top of that list is learning in the rehearsal. at the rehearsal hall and you are meant to take risks, you're meant to be generous, be prepared to step into another character's shoes and to work on telling a story. so it seemed to be the idea that

we get together and we have some conversation starters. we have been engaged in a very civil way in looking at an opposite point of view. it seems to be a natural fit for us at arena stage. so this is the first in the arena stage forums. we are test driving the idea. we have two more that are scheduled third that information is at the back of your program here. but it is meaningful to me that we are able to do this on monday nights. monday nights -- there are no performances, so we should light the place up. well, i am hoping that we light the place on monday nights on many occasions around such an important purpose as engaging in civil dialogue around difficult issues. so amitai etzioni does not really need any introduction. his very brief resume is in the program.

i just want to say that i feel like i've made a new best friend. i certainly admire the fact that you have the generosity of spirit to share your humanitarian ways with us and the fact you have assembled such a wonderful group to engage in this discussion. he must be a bit of a prophet as well, because he knew that the topic for tonight would be so relevant. i know you wanted to pick something that was maybe not so hot and controversial, but it did not work out that way. [laughter]

edgar: so let me get out of the way. please welcome my new dear friend, amitai etzioni. thank you. [applause] dr. etzioni: edgar, thank you very much indeed. it has been a true joy working with you. from the luncheon we had, the whole idea was a long sentence. edgar and his staff turned it into an event that is completely easy working together. it is also an opportunity for me to speak to the arena staff. there is a lot of work that goes into an event like this. dialogue starters who are all extremely in demand and busy people. and for all of you for joining to access the dialogue, i like to also say, edgar, we met our first marker, because this evening, we are going to be on c-span, which means our conversations are going to reach way beyond this room. we are hoping to model that people who come from different backgrounds, but people work for the government, people from the private sector, that people from academia, liberals -- do we have somebody who is not a liberal? we have a rich variety of viewpoints, but i'm quite confident that we're going to

have a very civil dialogue to the theater for me is a magical place where did you leave the world in which you live, a normal world, behind, and for two hours, you can dance with "the king and i" in thailand, and tonight, maybe you can leave behind the world of confrontation and anger and inter-this magical world of dialogue. i want to add one more thing, and that i will get out of the way.

the way i see what is happening out there, borrowed from the court system, the advocacy models and employed for discussion of public policy, there i see in the court there are only two sides. very rarely third or fourth. and each side presents the most stark, extreme points, emotional way they are positioned. one final thing, the nicest person alive, he has a dog, he calls his mother every christmas, and some say he is the most awful person that she does not have a cat and is not say hi to his father. but the position of justice and truth for real life. we have long said privacy is dead are being killed. they are recording your dinner conversations. on the other side we hear corporations are building safe

havens for terrorists, even in the court. and out of this extreme again, some kind of reasonable position should arise.

i think sovereign points or a good position. it is assumed that we have at least two major considerations. we clearly have an alienable rights. and we clearly have a concern for the common good. for public safety, protection, public health. they do come in conversations, and a good conversation will start by not assuming that one will trump the others and make all his way, but we have to start. at the end of the year, we can hardly minimize the conflict. this is one of the biggest subjects of tonight's conversations. we want to ask our panelists -- are we failing too far in direction of securing surveillance? or are we allowing high fire encryption to not allow the

government to do his job? where are we going? gabe: thank you so much. thank you, professor etzioni. i will be a good lawyer and answer the question with a question here. the question is -- is the balance appropriate between surveillance and privacy? i will push back a little bit on that. balance is perhaps the wrong -- our system of government is the one based around i think an agreement that we all have the best way to do things is where we have ambition checking ambition. this is the old joke. i used to work at the aclu. the attorneys on "saturday night live" would keep saying "checks and balances, checks and balances," and i think that is what we are all striving to look for. if it has hard and fast rules that ensure to the greatest

extent possible law enforcement and the domestic activities of our military and services are focusing on individual circumstances where there is some indication of wrongdoing. a search warrant is the basic example of that that says you cannot really do anything unless you can say, articulate in a clear way with specific facts that what you are trying to do is based upon some predication, that it is based upon some real suspicion that what you are going out to do is going to find something wrong. again, the issue is -- you mentioned the word "reconcile." i think it is reconciliation. we are trying find ways or rehab effect of law enforcement, but we have these primordial principles, these first principles that underpin our free society. so i wanted to bring two specific points. you asked us to as racists of the question, which is -- how can we make things better? i think in two ways, i think

there are two specific things that came to mind when i was trying to think about that. if i were king of the world, and i do not want to get too wonky, but i would do a better job of establishing policy legislation that is almost technology agnostic. what i mean by that is the political system tends to focus on the state-of-the-art at the particular time. you know is a good example of that. if you look at police procedurals, most to go with think that you need a warrant to wiretapping phone -- which you do -- and you need a warrant to search emails -- which you actually don't in some cases. the reason for that is congress, when they were legislating on

what is required for law enforcement to access female, congress was looking at a system where it was extremely expensive to store a males the cloud, the proto-cloud at that time. you are talking about in the tens of thousands of dollars for a gigabyte of information, whereas now that the cost of that is in cents. so the notion of someone having

an entire decades' worth of gmail sitting up there in a remote server, it did not occur or was not front of mine for lawmakers when they were doing that, and as a result, we have a system that does not protect at the rate but i think most of us would agree they should be protected. that has real-world effects. when we talk about reconciling surveillance and privacy, we used to be approaching it from a common frame of reference. in many cases, we are not, because we just don't know what has happened. we just had a case where this actually happened, again, and email context, where a judge effectively said you have a first amendment right to look at the application materials for

physical search warrants, but because an email warrant isn't really a warrant, you do not have a first amendment right to look at the application materials for an electronic communication search warrant. this is the case where the public's quest to understand and define that public frame of reference that will allow us to appropriately reconcile surveillance and such as being stymied. it is a concrete example of how i think, as you mentioned, we can be looking at ways to improve our policy in lawmaking. i will leave it at that. i look for to questions. matthew: thank you very much,

and thank you, professor, for moderating this, and thank you to you all. i am impressed that there are so many folks here this evening. i cannot even get my own high school aged son to come down here. i hope he is watching c-span, but i think he is probably playing video games right now. look, this is a really important set of topics, and i know that you, professor, has dedicated your scholarship to this question of a balance between the common good and individual rights. in my experience, those two things often our intentions, and i do not think there is any subject where that tension is more pronounced than in the area of government surveillance. my own career in the government, 20 plus years, most of that time as a federal prosecutor here in washington, and then several years in the intelligence community, including of the national security agency, where i was general counsel. i come at these issues largely from a security perspective and from the government perspective.

let me make three brief comments that i think and hope at least frame these issues from my perspective. the first of those observations really is that this is not a new debate. it feels new at times because it is very salient in this current environment, but it really goes back to the founding of our country, you know, the imperative to perfect the common good and individual rights is embodied in the preamble to our constitution, which speaks of the necessity of providing for common defense on the one hand and the importance of securing weapons of liberty on the other hand. this goes back to our founding document. in fact some of the founders spoke of this being an ongoing process when they talked about the importance or the effort to create a more perfect union, not stating that this was an end state in and of itself but rather a process or a journey that we are on together as a nation.

the constitutional matter -- and you are a bunch of lawyers here -- it is the fourth amendment that really captures this tension when it comes to government surveillance. the important concept is reasonableness. that is the touchstone of the fourth amendment, as the supreme court has said. what is frustrating, i think, is -- what is reasonableness? you have had to become comparable with lawyers and citizens that it is a dynamic concept, it is fluid, it tends to be challenged by changes in technology. i think the main point i am front to make up the top is this debate has been going on since our founding. what is reasonable when it comes to government surveillance?

the second point i would make is there are no absolutes in this discussion. this idea of reasonableness, this embodied i feel that this is a balance. when it comes to privacy, there is no such thing as an absolute zone of privacy. ben franklin understood that his diary could be subject to being searched by the local constable as long as that constable followed the law and obtained the necessary judicial approval for that search or was otherwise subject to the rule of law.

so there is no such thing in our country as an absolute zone of privacy. similarly, there is no such thing as an absolute right to conduct surveillance. surveillance has always been subject to the rule of law, and that is true, particularly with respect to law enforcement and the idea of getting a warrant to search a house, but it is also true, going back to at least the 1970's and the importance of national security. no absolutes, and the surveillance is always subject to the rule of law. have we tilted too far? i would say we have gotten it about right. i think the balance is where it should be. in the criminal context of a we have struggled to adapt to new technologies what comes to what is reasonable and when a warrant will be issued, but i think the fourth amendment has held up to the test of time. really importantly, and the national security context, when it comes to the foreign intelligence surveillance act, fisa. we renewed key pieces of that act, post-snowden, post the revelations that snowden has made about the law, and the law was effectively extended for several more years after a lengthy debate, and that extension, without any really significant changes to the law, reflects the will of the people

and the notion that congress is determined, based on the will of the people, that we have got that balance about right when it comes to national security. the last point i will meet briefly as i do think there is an area we need to work much harder, and that is on cooperation between the government and technology communities. i think we have lost some of that cooperation, and that cooperation will be critical in solving some of the key challenges we face, including encryption and cyber security because of the innovation in our technology community, and it needs to work better with government. with that, i stop, and i look forward to your questions and the discussion tonight. jeffrey: how can we balance the values of liberty and security? we can translate the text, an original understanding of the constitution, into a technology age, and the age of nsa surveillance, what does the text say? that would work for the people, thousands of papers and effects against unreasonable searches

and seizures, shall not be violated, but no warrants issued but upon probable cause, particularly describing the place to be searched or the person to be seized. what does that mean? for a nonpartisan understanding, you must consult the interactive constitution, which is cohosted by the national constitution center in philadelphia, which i am honored to head. this amazing new app brings the top liberal and conservative lawyers together to describe 1000 words about what they agree about and what they disagree about. if you click on the fourth amendment, i want you to download this app. not now, because i'm speaking, but after the show, you will find the core meaning of the fourth amendment at the timing of the framing was to outline the general warrants and with the system that sparked the revolution.

what were they? engines of tyranny who authorized assumed agents to break into the homes of citizens and rummage through their private diaries and papers in search of judicious libel criticizing the king or evidence they had not paid the hated boston tea taxes. john adams said at that moment the child, revolution, was born. so liberals and conservatives believe that any electronic searches today is, by definition, unreasonable and unconstitutional law and an anathema to liberty. cell phone surveillance, the supreme court is about to drive about the most important case for digital privacy in the 21st century. can the government subpoena --

which is demand without warrant -- five months of our geolocation records? that is locations owned by the cloud, verizon or whoever our provider is, and with these, we can use the movements of a suspected drug dealer and see that he was -- he was not suspected of selling drugs, he was suspected of stealing cell phones -- you cannot make this up. the government concluded by breaking into his cell phone records, but he was a cell phone theft. the objective of there was no valid warrant and said the search was unconstitutional. the supreme court do? my predictions are as good as yours, but i believe that this court will, by a strong bipartisan majority, hold that the search of our movements in public for a month is

unconstitutional and unreasonable. but justices are likely to emerge on the reasoning. neil gorsuch and the like are likely to say we own our property rights could when we surrender them to a company, we have expectations of those records will not be misused without respect to terms of service, and as such, that is unconstitutional. the more liberal justices may hold that we have a next rotation of privacy on the whole, so when the government can reconstruct everything we can do for five months in public, it can confine the rallies we attend, the poems we write, the love letters within a set, and in a citation of privacy just like those diaries that were seized during the revolution. i think it is inspiring

>> and we do have an expectation of privacy in those movements just like the diary seized in the american revolution. i think it is inspiring that the court is willing, by often unanimous vote to translate the values of the fourth amendment to a world of new technologies. that creates lots of hard cases that remain. what about nsa surveillance? there, the nsa is seizing records that somehow than the past. we had no expectation of privacy because of this doctrine called the third-party doctrine. that says when i voluntarily surrender a record to a third party, i lose all expectation of privacy in that. were that to be the case, an age where all of our private diaries are stored on third-party servers, we would have no privacy. it is inspiring that conservative justices, as well as liberal ones are willing to strike down nsa surveillance like this and they have quoted james otis's final case. i think they are doing a noblend understanding into an age of new technologies when surveillance is ubiquitous and involves so much on our movements in public that it clearly violates our mental privacy. the values with the right to engage in political dissent.

what about facebook? what do we do in an age where mark zuckerberg has more power over who can read up our information than any supreme court justice. the latest privacy scandal is just the latest issue for me as an observer. gained huge amounts of private data to cambridge analytical and that was used to send a targeted ads, not only in the 2016 campaigns, but to influence the brexit vote. citizens are realizing this is not the government seizing our intimate thoughts and political preferences, and trying to suppress our dissent or push us into one camp or another, it is the private sector, yet the fourth amendment says congress so make no law, it is not say mark zuckerberg should make no

law. the great constitutional challenge is to figure out what to do in an age where the powers of the platforms are not regulated by the constitution but they are exercising the power of constitutional officers. those answers are not easy, but the fact that zuckerberg said regulations may not be necessary, that europe is about to pass the most significant privacy regulation of recent years, and that even congress may be moved to act leads me to believe we will have citizens marching in the streets as they have been doing so effective recently. on behalf of the fourth amendment when it texts -- protects the same privacy when it comes to facebook and others.

>> i have been looking desperately for a way to keep you in state a little longer. [laughter] so enjoy it for one another minute. tell us, if you have your way, and the government will not be able to search our bones, unless a -- our phones, how much does it do to public safety? jeff: what is remarkable of these cases, the government could easily have gotten a warrant in the case, which was the first case where the government stuck a gps case at the bottom of a guys car. they were supposed to only search in the sea, and the search in maryland. they only were supposed to

search for 10 days, but they searched for 11. this was the obama administration, they stood up and said we have no expectation of privacy and therefore no warrant is needed. completely unnecessarily aggressive and, once the government said you needed to get a warrant, the police said no problem, we were going to do it anyway. in this carpenter case, the courts hold again that you need to get a warrant before you can get five months of cell phone records. that will be a problem either because if you have a serious enough crime like the ones that were involved in the case, and enough time to get a warrant, you can get one as well. chief justice roberts wrote the unanimous opinion in the riley case that said when you are arresting someone, you cannot search through their emails in their phone.

a phone is not like a cigarette packet. the phone has our emails and we have an expectation of privacy in our emails. i respect your dutiful effort to balance the interests of liberty and security, and i thought you did a thoughtful job in the balance, but these should not be hard cases. and they are not because they are nearly unanimous. for the framers, you need physical trespassing before you can go over the fourth amendment. in the 20's, they said if there is no physical version, you can go to wiretaps. it's exciting to see that they are doing things without physical trespassing. >> what an honor to be here and follow in the eloquence of jeffrey rosen on talking about the doctrine. you should go to visit the

constitution center which he is the leader of. as a moment of indulgence, i'm a tenor, i think in my temple choir, i love singing, and i never thought i would get to the arena stage here. [laughter] [applause] let me just say that. i'm sorry, i have a sore throat so i can't sing tonight. [laughter] it's actually true. i come back to this community and do it a little differently. thinking about the communities of which nation and which community. a lot of the issues today are things stored in the cloud. where the united states government might want to get it under the fourth amendment, but maybe the british then wanted. maybe we trust the british maybe. then maybe india or china wanted. we are going to have to sort through all of the countries in the world.

it will not just be our one community being behind two oceans. it will be somehow interacting with the rest of the world. when we do that, there is a great temptation to think of american exceptionalism. it is our constitution, there is the fourth amendment which jeffrey just gave us in verbatim. let's think about, if we share with the rest of the world when england should get access to it or france, some of these things, we should have fundamental rights protecting them even if they are requested from other countries. for instance, we might say we only share and have reciprocity with other countries if they have probable cause for warrants. that might seem the fundamental thing you have to have. there has been proposals that the u.s. should get access to u.s. companies as long as they get probable cause. no one else has that standard. that is an unusual standard that is held by the u.s.. maybe we can settle on something else as the bear minimum of what human rights requires read let's

have a neutral or independent magistrate. that is another part of the fourth amendment, except when i took history and law, and france, they don't do that. they are investigating magistrates that are involved in prosecution and don't have independent. in many countries, no independent judges, and so now, what communities do we go to? are there principles? universal rights? or do we say everyone gets to do it for themselves. defining a community is important. there are some sentimental rights that we want to have in detail. we can get a lot of people on board for that. we can have rights before the government seizure emails where we might have a principle, some check on the zealous prosecutor,

or the exact details might be different. there will be some things were countries very. once they differs from another. when we think of independent and community in a world of 200 countries, where emails are accessible to everyone else, we have to think through the 200 countries. i'll give you an example from a debate. we can come up with discussions in the united states of whether the nsa or fbi should be able to get decryption, to get into our correct -- encrypted communications.

in the united states, we might be able to build a structure to make sure they never abuse it. maybe we can hope for that. once the u.s. or companies provide a technical means to open it up, i said technical means that is open to china and russia, so as you think about opening it up, do it as long as you would trust the least trusted country to do it. if you trust russia and china with access to decrypted stuff, go ahead, but if you do not, don't think the u.s. will have the magical ability to see this for the community. or think the chinese and russians won't. we will have the same software, same devices, and the same problems. in a gripping, -- in the encryption, there are countries that i don't trust. i won't let the u.s. have a way of having broken encryption. we should have technical means for cyber security. but then i say something else, and i will stop here. the police say they are going dark, can't see the encrypted information, the bad guys will get us. going dark means the police can't see anything anymore. instead, we are in a golden age

of surveillance. that is what the facebook story tells us. we carry a tracking device on us at all times for location. a lot of you grew up not having a tracking device. now you all have one. you have databases, facebook, and everything else. you have cameras of people around you all the time. the police have enormous resources to find things for the

common good. we will live with that and try to put checks and balances on that. but then, beyond that, we should not break the encryption for everyone. we have to have technical security. if we don't do that, businesses can you are -- do the things, and everything will be broken for everyone. that is a much worse world. >> i guess i get to play a little cleanup here. i will do my best.

this is quite a distinguished panel and i second peter's statements. visit the constitution center, it is really -- and if you have children, take your children. i think it is a must visit for anyone who cares about these issues and others that are going on today. certainly, thank you for inviting me to participate tonight. this is such an important discussion and it is an important discussion to have a dialogue about civil society in a civil way. these are challenging answers that no one entity will have the answer for. the courts will have the answers, the government will have all the answers, companies may not have all the answers. civil liberties groups may not have the answers either. collectively, i think the hope is that we can come up with solutions on how best to move forward. in part, it has been interesting and peter and i go back a ways working on privacy issues generally for 20 years? jeff: yes, about 20 years. frank: it has been interesting to see the dynamics and how things change over time. there's a big privacy conference in washington dc. i remember when you could not get 10 people in a room talking about privacy, and now they have thousands of people who

participate from all walks of life from companies, and advocacy organizations and others, government, on talking about privacy and trying to figure out different issues that are important. what i've seen develop over time, and is really come to be a part of the discussion today, is two things. wine -- and some of these have already been discussed, is the advancement of technology and the law is not kept up.

also, the global nature of what we are talking about now. it is not just the united states laws that microsoft and the companies like them have to abide by. it's how these things mesh together. and how to decide of a fundamental importance, our company, and that is how to maintain customer in consumer trust, maintain the trust of governments that you may be engaged with his well. for us, that goes a little too, or a lot to, what are the expectations of our users? how do we stand up for our users? especially when there might not be a rule of the law hasn't -- because the law hasn't caught up. for microsoft, we consider to be -- that to be a fundamental human right. because of that, we do things differently internal as regards to privacy. we also challenge the government and we have done that in a few instances. we have challenged the government when the two gag wars. in part, -- we are entrusted

with our customer's information and the information -- the government law enforcement wants to come to us, a company and ask for information. should we be allowed, in certain cases, not all cases, should we be able to tell our customer that the government is seeking data. because the customer is in the best position to defend their rights. in this age where before the customer is holding all of their data in file cabinets, which probably isn't the most efficient way to hold data, the government would have to go to that particular is this entity

and serve them with the papers and get the information that way. in another case, we received a warrant for information, about five years ago, we received a warrant for information from one of our user's email accounts. we took a look at when we receive these legal requests for information, we check in to see whether or not they are legal requests, do they comply with the law, and in this instance, we said we don't think the law that currently exists that was written in 1986, applies to this warrant because it is seeking data that is of a foreign national that is residing in one of our data centers in dublin, ireland. we challenged the case and the case went through the courts, we lost in the lower cases, appealed to the second circuit, and we won in the second circuit. the court said, in part, that this is a situation for congress to act on, that they agreed in part that when congress passed this law in 1986, they did not contemplate the world -- the way the world works today. congress did not contemplate this sort of situation where companies are global, information can be held elsewhere, we have u.s. law enforcement seeking to go in and get this information, for a

foreign national in a foreign place, shouldn't that citizen of that country, say ireland, germany, france, pick the country, have an expectation that the laws of their country should apply. that gets a little to what peter was talking about. so we challenged the case, it made its way to the supreme court, we will see what the supreme court has to say. but at the same time, also believing in the second circuit's view that this is one for not the courts, not any individual company to sort out, but one for congress speaking on behalf of the citizens has to determine what the best way to

move forward. ws, this law -- la passed in 1986, to contemplate these are come search -- the current circumstance. trying to work through how a new law or revision, a change to the existing law will work, u.s. law enforcement can seek this data. we had to come up or work with congress to come up with the right legal framework. w\hat we found was, we were all -- what we found was, we were all facing the same situation, is not only because we are global, we are getting requests from u.s. law enforcement, also from foreign law enforcement for information that we, as a u.s. makeny, maybe holding --

be holding about citizens of their country as those law enforcement agencies are investigating cases in their country. the same law that we did not think applied in our case, provided a "blocking statue" from preventing u.s. companies turning over that information to foreign law enforcement of another country, even if under that country laws, those requests were perfectly legit. how do you fix this going in both ways? as it turns out we worked for a , number of years on legislation that was passed last week, the cloud act, attached to the omnibus bill that was passed. it allows for u.s. law enforcement to request data that u.s. companies may have, respecting and going through a process, looking at the laws of the other countries, asking the

for thosethe ability countries to object to that request. for companies receiving that request to reject that, and setting a rule that allows u.s. law enforcement to obtain data on -- that a company would be holding about u.s. persons, wherever that data may reside. there is a current court decision, the codification of this did not happen which is fortunate, there is a legal decision that requires law enforcement to continue to follow it. at the same time, the law allows for the u.s. government to negotiate treaties with other countries like the united kingdom, for instance, to allow for those foreign countries to data about their citizens y be u.s. companies mak

, provided that certain things are met, including that they had to go through human rights records, congressional oversight that they not seek information about u.s. citizens. all of this is a long-winded way of talking about one instance where our company recognized that the existing laws don't mesh with the way the world works today, and the importance we thought of protecting our users and trying to set a rule of the law that will carry us forward. there are likely other scenarios like this where, like i said, the existing laws have not caught up with the changes of technology. there is going to be many instances where additional public discussion, debate, back-and-forth engagement will be needed to sort out a good path forward.

>> that is excellent stuff. i have 20 questions i want to ask you. i want to also get our audience in. i will ask you one question, and that concerns -- we heard repeatedly that the golden standard for protecting our privacy is that the government not be allowed to search them unless it is specific authorization or specific search. basically, that is the golden standard. a day behind it, the government should not go fishing for -- should fish for significant information to show they were part of the crime. what if there are private keep -- on 100

and sell themans to the government? isn't that a much bigger deal? than when we hear about what happened on facebook, doesn't make a mockery of the whole idea that the front door is locked, and the government cannot go and search, but they can get it with clear choice [indiscernible] i need to explain what i'm talking about. i think all corporations, keep information about their client in order to, instead of advertising, improve the service. some of them so that information to others to get some side income. a small number of corporations, clear choice has recently been

business-- the only ofe is to collect tons information, including medical information. in one case, 20 million americans, and in another case, 78 million americans read they internalacts at the revenue service, immigration, to send that -- sell that information. don't we have to rethink this whole notion that as long as the government's warrant, the private sector can avoid it. how can that be? the difference between the fbi having the dossier on 200 million people, and give it to the government, is one click and -- and clear choice giving it to

the government is one click and one check. no difference. where do we go from here? frank: the events of the past few weeks, around facebook as well, this is one where, like i said, in my remarks before, we really do need to have a public discussion. for some companies, i think maintaining user trust, where you have a more direct relationship with your users, consumers, enterprise customers, business customers, certainly doing something that violates those -- that trust will have some probably fairly significant business impacts.

and so i think one of the things i have seen over time, is increased public interest in these sort of topics. i think that -- and jeff alluded to the marching in the streets, while that may be more optimistic than i think will happen, nonetheless, i think over time, we will see calls for some rules, changes. i think some of what you talked about may come as a surprise to a lot of people. if that comes up, what will they ask of our lawmakers or regulators in terms of doing something, curbing practices. i have seen the pendulum swing between the days after 9/11 where people would say in the name of public safety, the government should be able to get this data.

it is important to protect us and keep us safe. and that should be priority. and after the snowden revelations we saw the pendulum swing in the other direction. do we really want the government to be doing what some of the revelations revealed that the government was doing or trying to do? a great question and i think as time marches on, we will see folks working on what the right solution should be. >> so the question is about data brokers and huge amount of commercial information that the government can get. i look at it this way, and the european union, as jeff mentioned, in may, they will have a very strict law go into -- privacy law go into affect. it is pretty easy to pass regulations and directives in

the eu. they write a lot of them. in the united states, when it comes to regulating huge, successful companies, we don't pass a lot of laws. it is pretty hard to regulate them. these same proposals have been around since the 1990's and have not passed for internet privacy on these companies. in my world, we have the u.s. not regulating, even when we see bad problems. we see the eu regulating more than i think they should, what we haven't had is a good enough imagination of what can be in between. people haven't really -- at the legislative level of craftsmanship that went into the and i think people are starting to say, social networks, what else is going on. congress has a chance to imagine more than they could imagine. there are people on different sides of the political spectrum that are not happy with what they have seen. that will take active work of imagining where there is some regulation of big business that makes sense.

if the answer is zero, we will have businesses collecting everything and doing everything. if you want less than that, you will probably have to have laws. and we don't know those laws and what they should be yet. jeff: just a quick thought, since peter is right, the court -- that the u.s. is suspicious of regulation of the global private sector. the court will have to do it in the u.s. it is remarkable and criminal procedural grasses -- classes how much time we take to find out whether a private citizen is being used as an agent of the government. there is something called that -- called the silver platter doctrine. when the police go along with a taxidermist who is looking for marijuana and the real purpose of him going into the phone -- house is to fund it, but when -- find the marijuana that he is , butnt of the government

when the police officer asked him where he is not, if the situation is where you describe, the data is used as a specific purpose to give it to the government, it would be -- it would not be a stretch for them -- and they might be willing to say that you can't do it through the back door what you are not able to do through the front door. amitai: just to clarify, i see what you are saying. they are not collecting it for the government. they're collecting them for anybody, in addition, they shared with the government, obviously. >> i think i agree with all three of you on this question. of course the problem is that so much information is being collected by the private sector that people, the business model of these companies is to have us exchange the data, to give them our data so they can sell it and give us great free services.

we are seeing an instance where that's business model, facebook's business model is being called into question because the way they make models that money, is by selling our data. we have made his bargain that we get is great free service out of it. the question is, would we be willing to pay for the service to have more privacy regulation? -- privacy protection? that is an open question. another quick observation, a quick challenge in this area. i think the courts are challenged in drawing the line. -- drawing the lines about what point giving over data voluntarily to a third party becomes a fourth amendment violation. when the government gets that information. this is really a job for congress. i realize that may be futile in the current environment, but courts are not very good at coming up with policies as well as implementing the policies that congress puts into a fact.

-- policies as opposed to implementing the policies that congress puts into a fact. i think we have a separation of powers issue here as well. >> i agree with all that is just been said. there are probably three other things i would note. as you note, the note of -- notion of legislating this regulating thely private sector election of information is extremely difficult, there's a couple of things that we could conceivably do. one, we should pay attention to how the government is able to get the information that we share with private sector entities. in the united states, we have the privacy act and that tries to control information that the government has. i think that is an important element to protecting individual freedoms in this new, brave digital age. the second point, is the old

joke if it is free, you are the product. i think that is something we all need to internalize. we need to understand, what information we are giving over, how it is being collected, and how it is being used. that leads me to the third point, which is we need to have the tools at our disposal to figure out how much information is being shared, how it's being used, and that is a cute when you are talking about the government using tools like the freedom information act or local sunshine laws. it is also important for the private sector, this notion that sunshine is the good -- the best disinfectant. one of the reasons that it is such a good disinfectant is that the chance that there is going to be sunshine to check on someone from doing that thing. amitai: thank you all very much. if there is anybody in the room

not feel completely reassured on the issue, let me tell you, you are not alone. [laughter] there are some standing microphones there, but maybe we should try that? i think this room is smart enough. raise your hand if you want the floor. >> on the left. >> good evening. i think you and your panel has touched on a numerous amount of making and they challenges of technology changes, but the question i have deals with a prediction of behavior of individuals who use -- or should i say misuse the technology to misuse people's personal information.

do you see a time when, if not through government, maybe private companies working with government, that we might have a way for individuals to challenge companies on how the information is gathered and used, or in this case, prevented from being misused. do you see a time in the future were maybe we can start predicting bad behavior as it orates to a business model an organization gathering information and misusing the information? peter: there has been another law passed by congress that addresses that. congress passed laws when we weren't looking. it might be called festa, i'm not sure. here's part of what it is about. up until now, if you ran an online service, and people posted stuff that was bad, the company that was running the online service could get in trouble.

-- the company that was running the online service could not get in trouble. they had intermediary protection from section 230 of an old law. the new law passed, which i have not studied in past, makes it legal for people that organize these websites from getting in trouble. particularly around things we -- things like sex trafficking, and other things we are all against. one of the things that has happened this week, craigslist has dropped all of its personals because, and sorry folks, you missed your chance, after decades because craigslist said under this new law, they could no longer lease the signals -- police it strictly enough. craigslist's own assets were on the line. read it -- read it -- reddit has also done so. there has been legislation

creeping in saying some of the speeches, are the risky enough for congress to say no? state laws are also moving forward on the third area, sometimes called revenge porn. this is a bad thing to do. you have pictures with your intimate friend, you break up, and then post pictures to the internet. that is revenge porn. these are all examples of some misuse of these online services where the company's are starting to take the hit for it. up until now, they did not have to. now they are saying, what are we facing because the abusive actions are now starting to get liability on some of the companies. >> but this intermediary liability is not without cost. here is the danger. the europeans have passed a sweeping new law called the "right to be forgotten." it comes from a french statement. [laughter] if we were in france right now, and somebody was to tweet that

jeff was going on too long and taking up too much time, or something like that, after the show, i could sue google and have them remove this offense against my honor. google would then have to decide whether i'm a public figure and whether your to be is in the -- in the public interest, and if they guess wrong, they are liable to up to 2% of their annual income. for google, that is like $70 billion last year per tweet. if you look at europe, including articles about the right to be forgotten itself, putting liability on the intermediaries to police, clashes directly with american notions of free speech. that is why the section that peter mentioned, is incredibly important and distinguishes america from europe.

generally we don't ask facebook and google to look at content and decide what is embarrassing, true, and what is not. in light of these regulations, -- facebook revelations, there will be new pressure, especially news toight of fake decide what is fake and what isn't. do we really want the platforms to be deciding truth? very hard question. my instinct is to not put that on the intermediaries and to come up with another solution. >> good evening gentlemen, i am dominic. as you might be of the here for -- ablet, -- "to hear i come from germany, and we had a police state for a couple decades, and because of this, i was very happy about the point that mr. olson made in the end about big corporations because, in my opinion, there is

a misunderstanding of the current facebook scandal. in -- it ismy oath not abuse of facebook and misuse of facebook data, it is use of facebook data, what has happened there. the whole problem that has been raised already in the panel was the free mentality that we see in the internet. it is convenient to get all of the services that we want, messaging, email, and this one for free in exchange for our data. i've it for my -- i do it for my i pay forice provider my messenger, i'm in the commonest -- i am an economist, i do not know if they will keep my data safe, but as an economist, i know there is no freedom -- no free things. they have no other choice and basically using, selling, and

exploiting my data. what i would be interested in knowing is what can we do or when will the rest of us wake up and realize there is something going on wrong and maybe change their behavior? what can we do to incentivize them? can we do anything else to make them understand that there is no free lunch and that not only the government, but the specialized agencies like our problems, but also microsoft, google, and facebook. [indiscernible] [laughter] >> when i talked earlier about seeing the progression of privacy through the years, one thing that has challenged companies through the years is how to make it transparent to users about what they are doing

with their data, how it is being used. i have seen this at my company and likely others, we have gone from -- you start to read through the policies and you get to the 45th page and the engineers who wrote it, have to explain what they are doing and it begins becoming this legal gobbledygook. you want to be very descriptive, but how do you turn that into something understandable for the average user? one example, if my grandmother could not understand it, we have to go back to the drawing board. companies have worked through ftc took itd the

upon themselves through the years to try to be helpful in providing some guidance. two usesd to explain and a very simplistic way what they are doing with their data, how it is being used, what happens downstream, are you selling it to other users, what is going on? to get your point, transparency will become even more important. theink that that -- that revelations that we have seen, it has been interesting watching the reaction of some of our policymakers who themselves did not understand how data is being used, what is being collected about them, so you do have to make the choice. do you want the service provider -- service provided for free in exchange for what is happening, but to make that decision, you have to understand what is happening in parameters around that. if you don't want that, you have to decide, do i want to pay for the service?

this is one that i think people are going to have this discussion and people will have to make these propositions for themselves. i think what we will see is the regulators either here or europe step in when they think companies are stepping out of bounds. certainly it is out of bounds if you are say you are doing one thing in your privacy statements makingpromises you are to users, and then you go about doing something else. or, if you are being too opaque about that. i think the ftc has brought cases through the years against companies, and correct me if i'm wrong, that might not be misleading, but maybe fudging a little bit about what they are doing with people's data. >> one quick observation on the economic bargain. it goes back a long way. people used to have party lines.

you would give up some degree of privacy by participating on the party line on your telephone. this goes back decades. we are seeing that now. as an economist, you would appreciate that it would be up to consumers to drive this or offer more transparency and ease around the privacy protections. consumersers -- or will stop using the services. i think we are a long way from there and all of us who have any interaction with young people are shocked at what they are willing to put on their public facebook or instagram, or snapchat. so maybe privacy is changing for the next generation and they are willing to give up that amount of privacy for these incredible services. >> can you stick around for a moment? i think economists struggle with asymmetric information. to assume people are willing to

give up private information for a free service, that if they, for instance, -- it never occurred to me that buying a pair of sneakers would with the fbi. or they use information from different sources to define my medical condition without correcting the information. to what degree, in order for that free deal to work, there has to be symmetry of information. >> the problem of all digital technologies is that people don't know how to use them properly. when we talk about privacy, i talk about this concept with my friends and say i have nothing to hide.

i ask them, why do you have curtains in your windows? why don't you write any intimate information on postcards but you would send it in a letter to your loved one. it's because someone else can read it. the problem with all this digital information is that somebody else can read it, and --e of can see it, but but it else can see it, is so abstract. it is a computer, and there is less fiber in between us, so you think just the fact that i can't see it and touch it, that basically puts them in an abstract space and does not make it understand -- does not make us understand that it is accessible to the people that have the skills and capacities. the big problem i see -- and jeff you just mentioned it, the

big problem is why do all of these companies like microsoft and google, why are they so powerful? because we made them so powerful. it is that simple. without the kind of information, data, privacy is that we have given up on a voluntary basis, and that we have given up willfully to a very few players in the market, they wouldn't be able to create and establish, and analyze all of these profiles to take advantage from them. >> i'm ruth holder, i have spent the last 25 years or so in telecommunications. one of the provisions in the 1996 telecommunications act was

a strict protector of proprietary information. when mr. rosen was speaking about the cell phone thief who was tracked for five weeks through verizon, and as someone else talked about this noted revelations which, in my understanding, was something like this giant data room where everything that went across at&t and verizon networks, was being where snowden revelations in my understanding, was something like this giant data room where everything that went across at&t and verizon networks, was being listened to and whether it was u.s., or foreign speakers, it was all listened to and is supposedly the government was going to decide what they could or could not use. i am wondering why, where those things not protected by the prohibition against sharing cpn i with anything -- anyone other than customers themselves. jeff: i've worked on all the things you have mentioned. the snowden revelations, and there were previous lawsuits

that the electronic frontier foundation brought, i think people now call that part of the upstream program. the upstream program would be a lot of stuff coming across the system and the nsa is authorized by a federal judge under section 702, a real judge, confirmed by sa the pfizer court -- fi court, a real judge, confirmed by the senate, the point there, there has been authorization for specific identifiers, like this email address read so 1000, one million, 10 million things go through and only that one item is able to go through the nsa storage. you could say maybe they are doing that, maybe they are breaking the rules. that was reapproved by congress this year. that approach. that is not a secret anymore and that is what congress approved.

in terms of cpni, that had to do with the phone companies for commercial use selling data about people's usage. so under a court directive, for fisa or verizon for cell phone stuff, a judge of said we are -- a judge has said we are the government, we are giving you the right warrant area and cpni does not stop that. cpni says the company should not use your information for personal purposes. but that does not stop judges. it does not stop law enforcement or national security if they have shown a judge they have a right to see it. >> good evening. i don't want to derail the discussion too much, because my question does not really relate to social media platforms or the kind of technical aspects of a lot of cyber security, but it does such on the broader elements of security versus privacy.

i was curious because some of you have experience with safeguarding medical information that has been referenced in your comments. how do you respond to the current debate over the right to purchase firearms? i know some people say -- and to be honest, i think i am one of them, if someone wants to purchase a firearm, it is a relevant matter what their medical history is, and what their psychiatric history is, but as the matter stands today, that information is not around for state and federal background checks. i'm curious to what your thoughts would be on that subject within the parameters of privacy versus security. amitai: it is a legitimate and timely question. before i turn it to the panel,

let me mention one thing that most of you may be familiar with. you used the term medical information, the law does not protect your private medical information, it tells certain entities like doctors, clinics, hospitals, that they cannot the voltage -- the voltage -- vulge medical information. if you use any of the apps, to check on your heart rhythm or status of any other medical condition, they are perfectly happy and able to sell it. it is important to understand that the law differentiates between which is protected and small units from sharing information. >> that is a wonderful and

important question. from a constitutional standpoint, let me recommend that nonpartisan active competition -- act of competition. if there were to be proposals to allow sharing of medical information as part of background checks, the second amendment would not prohibit it. on the second amendment -- the on the secondner amendment agreed that the purpose of the second amendment is to prevent a terrific federal government from disarming citizens, it is not a debate about an individual or collective light, and in the heller decision, justice scalia's decision said the shootings -- said it would be consistent with the first amendment. if we fail to pass a regulation, it is not the constitution's fault.

it is because congress and the states do not want to pass it. what is so interesting about your suggestion, is you can imagine a system that balanced the use of this data for security purposes with legitimate privacy concerns of individuals and gunowners, second amendment advocates are concerned about the vilest that you cannot get off of. -- about the do not vilest -- buy list that you cannot get off of. you can appeal to get off of it, and query anonymously unless the individual was found to have a serious mental illness and was put on a you not vilest very -- do not buy list. you could, in theory see the congress passed this. -- design this great system and congress could in theory pass it . >> good evening, thank you very much. can you hear me?

ok. this is very interesting, thank you so much for sharing your opinions and experiences. today at work i have the -- had the opportunity to review the privacy policies for the messaging app we use at work. they are about to release a new version of that, they are revising it and having the new policy. they are doing a better job of being clear or less legalese. however, they are not any more clear in what it actually means. they don't define the terms, or say what other means or third parties means, or what other uses could be, so with zero legal training, and not a lot of time to study this in depth, what resources are available to people like me would like to -- who would like to understand more, don't want to hire a lawyer to assist, don't want to pour hours over these terms, are there consumers unions, anything working on this? i heard about the electronic

frontier foundation. could you share resources on more information and could you recommend anything as credible? jeff: you mentioned them and they are great one. a number of other organizations -- you can also one of the issues here to is, he don't understand it, is just a regular reader, that is a problem. there has been a shift on the part of technology providers to make the material as understandable as possible. if you are reading a privacy policy or terms of service on a website, and you cannot make heads or tails of it, that is a red flag. just very briefly, consumers union has announced a major

project. you are going to start trying to systematically rate products for security and privacy. knows what isd being collected in your car with the electric cell phone port. an effort for ordinary consumers to have someone to look to try to figure out which of these is better to use. >> if you're just looking for general information, i would recommend the ftc's website. butnot sure exactly where, just general information, because they have done work over the years around how to make privacy policies more understandable and readable. a professor at the university of california berkeley through the years has company's to digest privacy policies and how to read them. >> can i make one quick other suggestion.

it occurs to me that this is an area where security and privacy come together. when you think about cyber security and what happens when companies have your information and they do not properly protected, and you think about the equifax breach, which certainly affected everyone in this room. it was okold equifax to -- we never told equifax it was ok to hold the information and so that information. security that they're providing to protect that data, the better privacy -- better our privacy is protected from being lost or stolen. >> thank you. our front from microsoft mention that collaborative act -- clout act earlier. i am curious of everyone's take on the clout act. it was not really a consensus on whether it is a good thing for the public. of us or not completely familiar, can you explain it? >> i know that other tronic

frontier foundation -- the electronic frontier foundation and other groups were opposed to the cloud act. they said it would kind of circumvent the traditional way by going through the omnibus. do you have any thoughts on the clout act? cloud actut act is -- is two basic parts. microsoft is challenging a probable cause warns that is -- -- warrant that is seeking data that is physically stored overseas. that case is effectively that the law that permits an email warrants does not apply -- apply territorially. act says that a gmail

provider must disclose to the government those emails, regardless of where the data is. second part, which would deal with were called mutual legal systems treaties. if another country wants law enforcement assistance or if we want law enforcement assistance image legale is assistance treaties where you go through in many cases the other country would come here. the department of justice would get a warrant, get the information, and send it overseas. this would create a system where withepartment of justice the concurrence of the state department could on its own enter into agreements with another country where they say that the other country has sufficient digital protections whererotect privacy on of

-- enough what we can have a reciprocal agreement where they can get stuff here and we can get stuff there. in terms of provisions on the itself, it wasaw included in the omnibus. i think it would have benefited from additional debate and additional publicity. i think everybody agrees that there are certain concerns -- i think that even those who support it and support it for very good reasons given the alternative of agreed that it as -- alternative agree that it has certain parts that we need to keep an eye on in terms of a privacy perspective. >> we have a project at georgia tech. ithave a whole webpage on and hundreds of great pages to read about it. i would say based on that it does aand i think

surprisingly good job compared to what might have happened. there's things you can polish come undoubtedly. if we did not fix it, we were going to have a mess. you always have to judge whether this imperfect legislation is better than the mess we would have had otherwise. i have written about why think all things considered is good for privacy and civil liberties. people have disagreements on that. >> with her two positions from the panel -- we heard to visions from the panel. that once youdea release information to another party they can do with it what ideawant -- we heard the that once you release information to another party they can do it -- with it what they want. here --ok at the fine fine print here.

forhey want to use it second use, or give it to anybody else, they have to go back and give your permission. those are the two extremes of the continuum. i am closer to the european union position. it gets a little more intricate. first of all, if indeed every time a commercial firm wanted to use information you released -- you ask for permission, you will be spending the entire day on your computer sank yes or no -- saying yes or no. i don't think most europeans do that. second, if you read the law, as did, itme it exempts -- exempts --. pretty soon what it looks like

such a wonderful solution that nobody will touch the data unless you get permission, and then you will add one last thing. the europeans have the complaince --. every time i went to europe so far, i said if anybody in this room has been -- by anybody, will you raise your hand? i saw one hand rise. they said that amazon did. let me take it back to the panel. practicalopean law realistic -- or realistic? where do we find -- between the third-party doctrine and this notion that anybody needs to give permission to use data?

>> the idea that -- neither of them sound satisfying. the idea that once we release and are information -- release any information anybody can use it how they want. risks the danger that we might give away our privacy in exchange for a toaster, or we might just click away, not read the policies, and then we cannot. get about the alternative to the third-party doctrine is answered by the question wwbd? do? would brandeis [laughter] he says that the proper question is: is the government invasion an unreasonable intrusion on our security and safety?

if it does, then it is unreasonable and impermissible even with a warrant. he said that wiretapping is so invasive because you can hear the conversations of people on both ends of the telephone conversation. it was unreasonable even with a warrant unless the crime was very severe and the suspicion was very intense. so that is the practical question that we have to ask. havedoes it mean to cognitive liberty and freedom of our thoughts, sensations, and emotions in a free society. when the search is so vast that it invades that privacy, it is inherently unreasonable, even with her without consent. about thisxcited discussion that i did not realize that we are out of time. [laughter] at this point all that is left for us to do is thank the panel for a wonderful discussion. [laughter] [applause]

>> here is a look at our live coverage for wednesday. department officials give their perspectives on legal and national security surveillance issues in an event hosted by the international association of policy professionals. that is at 1:30 eastern here on c-span. than april investigates how international criminal organizations use the internet and the postal system to get opioids into the u.s. consumer to the federation of america hosts its food policy conference in washington at 8:15 am eastern. years, "inly 20 depth" has featured the nations best nonfiction writers. this year we are featuring best-selling fiction writers for monthly program. join us live sunday at noon

eastern. is down theent book river. his other books include double with a red dress, which is made into a motion picture, plus other up -- 40 other books. the special series "in-depth: liveon addition" sunday from noon to three cockpit eastern on c-span two. >> next, a conversation on gun violence, public health and the second amendment. we will hear from legal, public policy, and health officials at this event hosted by georgetown university following last weekend's march for our lives rally. >> ok. they have a sank in